Geopolitics have put enterprise data centers in the crosshairs of international espionage. From all corners of the globe, hackers of all sorts, including those aligned with national spy agencies, are zeroing in on hardware roots of trust.
For any computing platform, the root of trust is the ultimate line of defense against cybersecurity attacks. No matter how secure your operating system and applications appear to be, they are acutely vulnerable if running on a hardware platform whose root of trust has been compromised by an unauthorized party.
Trust is everything. If you breach a hardware platform’s root of trust, you can gain persistent—and often, stealthy—access to all data, processes, and other assets on that platform and to connected systems that trust it. Even so-called “zero-trust security,” which is fundamental to edge, mesh, and other distributed deployments, depends on ensuring that each hardware node can indeed trust that its firmware has not been surreptitiously compromised by a hacker.
For that reason, the hardware-level root of trust should at the very least perform these critical functions: